BSOD UNEXPECTED_KERNEL_MODE_TRAP

The first crash was caused by a problem between Avast and Discord, the second only flags up a system driver along with the driver NETIO.SYS which is related to the Network I/O Subsystem, this could also be caused by a problem between Avast and your network connection.

Try updating your network drivers, make sure that Windows is fully up to date and uninstall Avast, see my canned info below;

Windows 8, 8.1 and 10 come with an improved Windows Defender, it offers the same real-time anti-virus/anti-malware protection as Microsoft Security Essentials. Windows Defender also shares the same malware signature definitions as Microsoft Security Essentials, and Forefront Endpoint Protection. Technically, Microsoft Security Essentials has not been renamed Windows Defender, or combined with it in Windows 8, 8.1 and 10.

Having more than one AV installed on your computer is bad, it will slow down the computer, cause internet connection problems and leave you with no AV protection at all if they cancel each other out as they fight for resources.

If any AV product that you have is a paid for version you should always make sure that you have a copy of the product key kept somewhere safe just in case you ever wish to reinstall it.

Avast clean removal info here

[COLOR=rgb(44, 130, 201)]If you stick with only Windows Defender, once any other AV has been correctly uninstalled, check to see if Windows Defender has auto enabled and allow it to update and carry out a full scan of your computer.

---

• Code:

                                                                          *

• Code:

                     Bugcheck Analysis                                    *

• Code:

                                                                          *

---

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0000000000000000, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff8013266ce90, address which referenced memory
[HEADING=1]Debugging Details:[/HEADING]
TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\modclass.ini, error 2

READ_ADDRESS: unable to get nt!MmSpecialPoolStart
unable to get nt!MmSpecialPoolEnd
unable to get nt!MmPagedPoolEnd
unable to get nt!MmNonPagedPoolStart
unable to get nt!MmSizeOfNonPagedPoolInBytes
0000000000000000

CURRENT_IRQL: 2

FAULTING_IP:
nt!MI_READ_PTE_LOCK_FREE+0
fffff801`3266ce90 488b01 mov rax,qword ptr [rcx]

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP

[COLOR=rgb(184, 49, 47)]BUGCHECK_STR: AV
[COLOR=rgb(184, 49, 47)]
[COLOR=rgb(184, 49, 47)]PROCESS_NAME: Discord.exe

TRAP_FRAME: ffff8e06daa8a260 – (.trap 0xffff8e06daa8a260)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000001 rbx=0000000000000000 rcx=0000000000000000
rdx=0000000000000001 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8013266ce90 rsp=ffff8e06daa8a3f8 rbp=7fffffffffffffff
r8=ffffb4da6d369000 r9=ffffb48000009140 r10=ffff920ead0f0980
r11=0000000000000002 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na po nc
nt!MI_READ_PTE_LOCK_FREE:
fffff801[ICODE]3266ce90 488b01 mov rax,qword ptr [rcx] ds:00000000[/ICODE]00000000=0000000000000000
Resetting default scope

LAST_CONTROL_TRANSFER: from fffff801327d3c69 to fffff801327c30a0

STACK_TEXT:
ffff8e06[ICODE]daa8a118 fffff801[/ICODE]327d3c69 : 00000000[ICODE]0000000a 00000000[/ICODE]00000000 00000000[ICODE]00000002 00000000[/ICODE]00000000 : nt!KeBugCheckEx
ffff8e06[ICODE]daa8a120 fffff801[/ICODE]327d08e5 : 00000000[ICODE]00000000 00000000[/ICODE]00000000 00000000[ICODE]00000000 00000000[/ICODE]00000000 : nt!KiBugCheckDispatch+0x69
ffff8e06[ICODE]daa8a260 fffff801[/ICODE]3266ce90 : fffff801[ICODE]3275c951 00000000[/ICODE]00000001 00000000[ICODE]00000000 ffff2f1f[/ICODE]84605a96 : nt!KiPageFault+0x425
ffff8e06[ICODE]daa8a3f8 fffff801[/ICODE]3275c951 : 00000000[ICODE]00000001 00000000[/ICODE]00000000 ffff2f1f[ICODE]84605a96 00000000[/ICODE]00000000 : nt!MI_READ_PTE_LOCK_FREE
ffff8e06[ICODE]daa8a400 fffff801[/ICODE]3267a901 : 00000000[ICODE]00000000 fffff801[/ICODE]3266e4b1 ffff920e[ICODE]ad0f0980 ffffb480[/ICODE]00009140 : nt!MiCaptureProtectionFromLockedProto+0x29
ffff8e06[ICODE]daa8a430 fffff801[/ICODE]326778b4 : 00000000[ICODE]01228000 00000000[/ICODE]00002c00 00000000[ICODE]00000001 ffff920e[/ICODE]adfa7a80 : nt!MiGetPageProtection+0x551
ffff8e06[ICODE]daa8a4a0 fffff801[/ICODE]326e63a6 : 00000000[ICODE]03a9c000 00000000[/ICODE]01200000 ffff920e[ICODE]ad0f0980 0a000000[/ICODE]1c8da121 : nt!MiQueryAddressState+0x414
ffff8e06[ICODE]daa8a690 fffff801[/ICODE]32b1a1b6 : ffff8e06[ICODE]00000006 00000000[/ICODE]00000003 ffff8e06[ICODE]00000000 00000000[/ICODE]00000003 : nt!MiQueryAddressSpan+0x126
ffff8e06[ICODE]daa8a730 fffff801[/ICODE]32b19a51 : ffff8e06[ICODE]daa8aa00 ffffb480[/ICODE]003b97c8 ffffb4da[ICODE]40001dc8 ffffb4da[/ICODE]6d200008 : nt!MmQueryVirtualMemory+0x756
ffff8e06[ICODE]daa8a8d0 fffff80a[/ICODE]2dedd398 : ffff920e[ICODE]a7558700 ffff8e06[/ICODE]daa8aa80 00000000[ICODE]00000000 00000000[/ICODE]03caa000 : nt!NtQueryVirtualMemory+0x25
ffff8e06[ICODE]daa8a920 ffff920e[/ICODE]a7558700 : ffff8e06[ICODE]daa8aa80 00000000[/ICODE]00000000 00000000[ICODE]03caa000 00000000[/ICODE]00000030 : aswSnx+0x2d398
ffff8e06[ICODE]daa8a928 ffff8e06[/ICODE]daa8aa80 : 00000000[ICODE]00000000 00000000[/ICODE]03caa000 00000000[ICODE]00000030 00000000[/ICODE]0909e458 : 0xffff920e[ICODE]a7558700 ffff8e06[/ICODE]daa8a930 00000000[ICODE]00000000 : 00000000[/ICODE]03caa000 00000000[ICODE]00000030 00000000[/ICODE]0909e458 00000000[ICODE]00000000 : 0xffff8e06[/ICODE]daa8aa80

STACK_COMMAND: kb

FOLLOWUP_IP:
aswSnx+2d398
fffff80a`2dedd398 448be0 mov r12d,eax

SYMBOL_STACK_INDEX: a

SYMBOL_NAME: aswSnx+2d398

FOLLOWUP_NAME: MachineOwner

[COLOR=rgb(184, 49, 47)]MODULE_NAME: aswSnx
[COLOR=rgb(184, 49, 47)]
[COLOR=rgb(184, 49, 47)]IMAGE_NAME: aswSnx.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 5bdc3b02

FAILURE_BUCKET_ID: X64_AV_VRF_aswSnx+2d398

BUCKET_ID: X64_AV_VRF_aswSnx+2d398

Followup: MachineOwner[/COLOR][/COLOR][/COLOR][/COLOR][/COLOR][/COLOR][/COLOR]

Thanks so much for your help, I’ve just removed avast, updated windows and checked for driver updates but I was just wondering, is it normal to have this many network drivers? (see attached file)

Edit: Been running games / programs that my computer seemed to crash most often in, so far so good! Ty a lot.

Yes those network drivers are normal, they each have a different function.

See how things go for a couple of days and for now can I just ask that you create a new system restore point while things are stable.

You are welcome btw

Pc just crashed, wasn’t doing anything in particular although I had recently started a game.

PC just crashed again,

Driver verifier finally caught something!

[COLOR=rgb(41, 105, 176)]Tip

If using a computer and not a mobile phone, please avoid adding multiple posts while waiting for us to reply to your last, edit your last post to include anything that you wish to add, this will ensure nothing gets overlooked which can sometimes happen if a thread has more than one page.

Weird, you seem to have Fat 32 file system info on the HDD, [COLOR=rgb(184, 49, 47)]any idea how this has come to be as Fat 32 is normally associated with USB devices.

[COLOR=rgb(184, 49, 47)]Before we suggest anything can you answer the above question for us.

We need to first check the integrity of the HDD and then Windows itself, we can`t use the info in the second dmp file atm because the info is not reliable but fwiw a problem between the AV and Nvidea drivers was partially to blame.

Some info here regarding the error being flagged up in the first dmp.

Debug session time: Fri Dec 21 03:45:31.917 2018 (UTC - 5:00)
System Uptime: 0 days 21:34:21.709

---

• Code:

                                                                          *

• Code:

                     Bugcheck Analysis                                    *

• Code:

                                                                          *

---

[COLOR=rgb(184, 49, 47)]CACHE_MANAGER (34)
See the comment for FAT_FILE_SYSTEM (0x23)
Arguments:
Arg1: 0000000000051352
Arg2: fffff98d9d27edf8
Arg3: fffff98d9d27e640
Arg4: fffff80261e8f001
[HEADING=1]Debugging Details:[/HEADING]
***** Kernel symbols are WRONG. Please fix symbols to do analysis.

---

---

---

*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***

---

*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***

---

*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***

---

*** Type referenced: nt!_KPRCB ***

---

---

TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\modclass.ini, error 2

---

---

---

*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***

---

*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***

---

*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***

---

*** Type referenced: nt!_KPRCB ***

---

---

---

---

---

*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***

---

*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***

---

*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***

---

*** Type referenced: nt!_KPRCB ***

---

---

ADDITIONAL_DEBUG_TEXT:

Use ‘!findthebuild’ command to search for the target build information.

If the build information is available, run ‘!findthebuild -s ; .reload’ to set symbol path and load symbols.

MODULE_NAME: nt

FAULTING_MODULE: fffff80261e1d000 nt

DEBUG_FLR_IMAGE_TIMESTAMP: 0

EXCEPTION_RECORD: fffff98d9d27edf8 – (.exr 0xfffff98d9d27edf8)
ExceptionAddress: fffff80261e8f001 (nt+0x0000000000072001)
[COLOR=rgb(184, 49, 47)] ExceptionCode: c000001d (Illegal instruction)
ExceptionFlags: 00000000
NumberParameters: 0

CONTEXT: fffff98d9d27e640 – (.cxr 0xfffff98d9d27e640)
rax=fffff98d9d27f220 rbx=0000000000000003 rcx=fffff98d9d27f220
rdx=fffff98d9d27f220 rsi=0000000000000000 rdi=fffff98d9d27f140
rip=fffff80261e8f001 rsp=fffff98d9d27f038 rbp=0000000000000001
r8=0000007ffffffff8 r9=0000000000000000 r10=0000000fffffffff
r11=0000000000000001 r12=fffff45dc7962800 r13=000000000000000f
r14=fffff98d9d27f220 r15=ffffcb82bc1cb208
iopl=0 nv up ei ng nz na pe nc
cs=0010 ss=0000 ds=002b es=002b fs=0053 gs=002b efl=00010282
nt+0x72001:
fffff802[ICODE]61e8f001 0fb78170010000 movzx eax,word ptr [rcx+170h] ds:002b:fffff98d[/ICODE]9d27f390=0010
Resetting default scope

DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT

BUGCHECK_STR: 0x34

CURRENT_IRQL: 0

EXCEPTION_STR: 0x0

LAST_CONTROL_TRANSFER: from fffff8026201b8ad to fffff80261e8f001

STACK_TEXT:
fffff98d[ICODE]9d27f038 fffff802[/ICODE]6201b8ad : 00000000[ICODE]00000000 fffff802[/ICODE]6288ca84 00001f80[ICODE]0010000f 0053002b[/ICODE]002b0010 : nt+0x72001
fffff98d[ICODE]9d27f040 00000000[/ICODE]00000000 : fffff802[ICODE]6288ca84 00001f80[/ICODE]0010000f 0053002b[ICODE]002b0010 00000202[/ICODE]0000002b : nt+0x1fe8ad

FOLLOWUP_IP:
nt+72001
fffff802`61e8f001 0fb78170010000 movzx eax,word ptr [rcx+170h]

SYMBOL_STACK_INDEX: 0

SYMBOL_NAME: nt+72001

FOLLOWUP_NAME: MachineOwner

IMAGE_NAME: ntoskrnl.exe

STACK_COMMAND: .cxr 0xfffff98d9d27e640 ; kb

BUCKET_ID: WRONG_SYMBOLS

Followup: MachineOwner[/COLOR][/COLOR][/COLOR][/COLOR][/COLOR]

Not entirely sure ‘how to answer your question’ / ‘if this helps’ but I did kinda recently transfer my OS onto an ssd and I remember having a couple problems doing so, and it was something about an OS couldn’t be moved from one drive to the other for some reason about it being a different type (possibly fat32 vs ntfs) and I had to format a hdd to get it working. Also the hard drives are quite old.

Edit: Pc went and crashed again

Edit 2: Computer has successfully crashed more than 6 times in the past hour, but only one was a bsod (The other ones were marked as kernel power 41 in event viewer, may have just lost power?)

A somewhat cryptic answer, can you explain what you mean by “kinda recently transfer my OS onto an ssd” how was this done.

The two dmp files are of no use but they do suggest serious problems with Windows.

I attempted to use a program called EaseUS partition master to transfer windows to my ssd, however something I did with the transfer I did incorrectly which forced me to reinstall windows via a usb (got the software from the microsoft webpage). Also what kind of serious problems with windows do you mean?

The correct term to have used would have been either clone or migrate and not transfer, not being pedantic but you would be surprised at how many people do not know that you cannot drag and drop/transfer Windows or any other program for that matter from one drive to another.

The present version of Windows that you are running is corrupt, this could be as a result of a bad download, it not installing properly or the storage device that Windows is on has issues.

What device are you presently running Windows from.

Samsung ssd 850 EVO 500gb, bought within this year though so there really shouldn’t be a problem.

A good choice of SSD so flaky thumbdrive or download the more likely.

I would suggest that you start afresh including downloading a new ISO, preferably to another 8GB or above thumbdrive if you have one, it would also be of benefit if you had the drivers for the MB on disk or a thumbdrive and when the time comes to install Windows you install it on its own partition on the SSD, 200GB if just for Windows 10 or 250GB if for Windows 10 and any applications.

Just finished reinstalling windows on its own partition sorry I couldn’t have done this earlier things got busy around Christmas

No problem (y)